/**
* Negotiates language with the user's browser through the Accept-Language
* HTTP header or the user's host address. Language codes are generally in
* the form "ll" for a language spoken in only one country, or "ll-CC" for a
* language spoken in a particular country. For example, U.S. English is
* "en-US", while British English is "en-UK". Portuguese as spoken in
* Portugal is "pt-PT", while Brazilian Portuguese is "pt-BR".
*
* This function is based on negotiateLanguage from Pear HTTP2
* http://pear.php.net/package/HTTP2/
*
* Quality factors in the Accept-Language: header are supported, e.g.:
* Accept-Language: en-UK;q=0.7, en-US;q=0.6, no, dk;q=0.8
*
* @return string The negotiated language result or app.locale.
*/
public function negotiateLanguage()
{
$matches = $this->getMatchesFromAcceptedLanguages();
foreach ($matches as $key => $q) {
if (!empty($this->supportedLanguages[$key])) {
return $key;
}
}
// If any (i.e. "*") is acceptable, return the first supported format
if (isset($matches['*'])) {
reset($this->supportedLanguages);
return key($this->supportedLanguages);
}
if (class_exists('Locale') && !empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
$http_accept_language = Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']);
if (!empty($this->supportedLanguages[$http_accept_language])) {
return $http_accept_language;
}
}
if ($this->request->server('REMOTE_HOST')) {
$remote_host = explode('.', $this->request->server('REMOTE_HOST'));
$lang = strtolower(end($remote_host));
if (!empty($this->supportedLanguages[$lang])) {
return $lang;
}
}
return $this->defaultLocale;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$token = $request->header('access-token');
$token = isset($token) ? $request->header('access-token') : $request->get('api_token');
if (!$token) {
return response('Unauthorized.', 403);
}
$key = getenv('APP_KEY');
$signer = new Sha256();
$data = new ValidationData();
// It will use the current time to validate (iat, nbf and exp)
$data->setIssuer($request->server('REMOTE_ADDR'));
$data->setAudience($request->server('HTTP_HOST'));
try {
$token = (new Parser())->parse((string) $token);
if (!$token->validate($data)) {
return response('Unauthorized data', 401);
}
if (!$token->verify($signer, $key)) {
return response('Unauthorized sign', 401);
}
putenv("USER=" . $token->getClaim('uid'));
return $next($request);
} catch (\Exception $e) {
return response('Unauthorized: ' . $e->getMessage(), 403);
}
}
/**
* Return a list of accept locale from the HTTP.
*
* @throws \Hpkns\I18n\Exceptions\EmptyAcceptHeader
* @return array
*/
public function getHeaderAcceptedLocales()
{
$accepted = $this->request->server('HTTP_ACCEPT_LANGUAGE');
if (empty($accepted)) {
throw new Exceptions\EmptyAcceptHeader('HTTP Accept header empty or not found');
}
return explode(',', $accepted);
}
public function authenticate(Request $request)
{
$credentials = $request->json()->all();
if (!($user = Auth::attempt($credentials, $request->has('remember')))) {
return false;
}
$user = Auth::user();
$key = getenv('APP_KEY');
$signer = new Sha256();
$token = (new Builder())->setIssuer($request->server('REMOTE_ADDR'))->setAudience($request->server('HTTP_HOST'))->setIssuedAt(time())->setNotBefore(time())->setExpiration(time() + 3600)->set('uid', $user->id)->sign($signer, $key)->getToken();
return $token->__toString();
}
/**
* Resolve language using HTTP_ACCEPT_LANGUAGE header
* which is used mostly by API requests
*
* @return array|null
*/
private function resolveHeader()
{
if (null === static::$languages) {
$httpLanguages = $this->request->server(config('localizer.request.header', 'HTTP_ACCEPT_LANGUAGE'));
if (empty($httpLanguages)) {
static::$languages = [];
} else {
$accepted = preg_split('/,\\s*/', $httpLanguages);
static::$languages = empty($languages = $this->buildCollection($accepted, $languages = [])) ? null : array_keys($languages)[0];
}
}
return static::$languages;
}
/**
* Check if there is any problem with the app key
*
* @param Request $request
* @return Response
*/
protected function appKeyAvailable($request)
{
$app_key = getenv('APP_KEY');
if (empty($app_key)) {
return false;
}
if (empty($request->server()['HTTP_X_APP_KEY'])) {
return false;
}
if ($app_key != $request->server()['HTTP_X_APP_KEY']) {
return false;
}
return true;
}
public function authenticate(Request $request)
{
$credentials = $request->json()->all();
if (!($user = Auth::attempt($credentials, $request->has('remember')))) {
return false;
}
$user = Auth::user();
$key = config('jwt.key');
$signer = new Sha256();
$builder = (new Builder())->setIssuer(config('jwt.host'))->set('uid', $user->id);
if (config('jwt.payload')['aud']) {
$builder->setAudience($request->server('REMOTE_ADDR'));
}
if (config('jwt.payload')['iss']) {
$builder->setIssuedAt(time());
}
if (config('jwt.payload')['nbf']) {
$builder->setNotBefore(time() + config('jwt.not_before_time'));
}
if (config('jwt.payload')['exp']) {
$builder->setExpiration(time() + config('jwt.expires'));
}
$token = $builder->sign($signer, $key)->getToken();
return $token->__toString();
}
public function unauthorized(Request $request)
{
if (!$request->server('HTTP_REFERER')) {
return redirect('/home');
}
return view('pages.unauthorized');
}
/**
* Handle an incoming request.
*
* @param Request $request
* @param Closure $next
*
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
// If the user is already logged in, we don't need to reauthenticate.
if (!$this->auth->check()) {
// Retrieve the SSO login attribute.
$auth = $this->getWindowsAuthAttribute();
// Retrieve the SSO input key.
$key = key($auth);
// Handle Windows Authentication.
if ($account = $request->server($auth[$key])) {
// Usernames may be prefixed with their domain,
// we just need their account name.
$username = explode('\\', $account);
if (count($username) === 2) {
list($domain, $username) = $username;
} else {
$username = $username[key($username)];
}
// Create a new user LDAP user query.
$query = $this->newAdldapUserQuery();
// Filter the query by the username attribute
$query->whereEquals($key, $username);
// Retrieve the first user result
$user = $query->first();
if ($user instanceof User) {
$model = $this->getModelFromAdldap($user, str_random());
if ($model instanceof Model) {
// Double check user instance before logging them in.
$this->auth->login($model);
}
}
}
}
return $this->returnNextRequest($request, $next);
}
/**
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
* @throws \Illuminate\Http\Exception\PostTooLargeException
*/
public function handle($request, Closure $next)
{
if ($request->server('CONTENT_LENGTH') > $this->getPostMaxSize()) {
throw new PostTooLargeException();
}
return $next($request);
}
protected function setupLayout()
{
$is_rapyd = (Request::server('HTTP_HOST') == "www.rapyd.com") ? true : false;
View::composer('rapyd::demo.*', function ($view) use ($is_rapyd) {
$view->with('is_rapyd', $is_rapyd);
});
}
public function index(Request $request)
{
$languages = RefMapper::type('language');
$bannerTypes = RefMapper::type('banner_type');
$games = RefMapper::type('game');
$user = $this->user;
if ($user->language_id == 0) {
$userAgentLanguage = $request->server('HTTP_ACCEPT_LANGUAGE');
$user->language_id = 4;
if (strpos($userAgentLanguage, 'ru') === 0) {
$user->language_id = 5;
}
if (strpos($userAgentLanguage, 'es') === 0) {
$user->language_id = 6;
}
$user->save();
}
if (count($user->bannerTypes()->get()) == 0) {
foreach ($bannerTypes as $bannerType) {
$user->refs()->attach($bannerType->id);
}
$user->save();
}
return view('app.pages.user.twitcher.profile.index', compact('languages', 'bannerTypes', 'games', 'user'));
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
$subject = ObjectFinder::GetObject($request->subject_type, $request->subject_id);
$subject->RecordNewComment($request->comment);
flash()->success('Success', "New Comment created successfully");
return redirect($request->server('HTTP_REFERER'));
}
/**
* Validate the github payload and signature.
*
* If you're wondering why the md5, see the link below.
* @see http://php.net/manual/en/function.hash-hmac.php#111435
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
private function isValidRequest($request)
{
$signature = $request->server('HTTP_X_HUB_SIGNATURE');
$secret = env('WEBHOOK_SECRET');
list($algo, $expectedHash) = explode('=', $signature, 2);
$payloadHash = hash_hmac($algo, $request->getContent(), $secret);
return md5($expectedHash) === md5($payloadHash);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$language = $request->server('HTTP_ACCEPT_LANGUAGE');
if (starts_with($language, 'zh-CN')) {
config(['app.locale' => 'zh-CN', 'timezone' => 'Asia/Shanghai']);
}
return $next($request);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @throws App
*
* @return mixed
*/
public function handle($request, Closure $next)
{
$input = $request->input();
$input['HTTP_HOST'] = $request->server('HTTP_HOST');
$is_auth = json_decode($this->api->post('/oauth/middleware', $input), true);
if ($is_auth['status'] != 'success') {
App::abort(404);
}
return $next($request);
}
/**
* This method receive the photo profile and save in storage and update the user database
* @param Request $request
* @return $this
*/
public function postUpload(Request $request)
{
$urlBack = str_replace($request->server('HTTP_ORIGIN'), '', $request->server('HTTP_REFERER'));
//validate the image
$validator = Validator::make($request->all(), ['image' => 'required|image|max:200'], ['required' => 'Por favor selecciona un archivo', 'image' => 'Debes seleccionar una imagen', 'max' => 'La foto debe ser menor a 200kb']);
//if fail then return with errors
if ($validator->fails()) {
Session::flash('notify', ['type' => 'error', 'text' => $validator->errors()->first()]);
return redirect($urlBack);
}
$profile = str_random(12);
$manager = new ImageManager();
$image = $manager->make($request->file('image'));
$image->resize(100, 100);
$image->save(storage_path() . "/app/profile/" . $profile . ".jpg");
//Update the profile picture and save in storage
Session::flash('notify', ['type' => 'success', 'text' => 'La foto de perfil se ha actualizado correctamente']);
return redirect($urlBack)->withErrors($validator);
}
/**
* media.
*
* @param \Illuminate\Http\Request $request
* @param \Illuminate\Filesystem\Filesystem $filesystem
* @param \Illuminate\Contracts\Routing\ResponseFactory $request
* @param string $file
*
* @return \Illuminate\Http\Response
*/
public function media(Request $request, Filesystem $filesystem, ResponseFactory $responseFactory, $file)
{
$filename = __DIR__ . '/../../../public/' . $file;
$mimeType = strpos($filename, '.css') !== false ? 'text/css' : 'application/javascript';
$lastModified = $filesystem->lastModified($filename);
$eTag = sha1_file($filename);
$headers = ['content-type' => $mimeType, 'last-modified' => date('D, d M Y H:i:s ', $lastModified) . 'GMT'];
if (@strtotime($request->server('HTTP_IF_MODIFIED_SINCE')) === $lastModified || trim($request->server('HTTP_IF_NONE_MATCH'), '"') === $eTag) {
$response = $responseFactory->make(null, 304, $headers);
} else {
$response = $responseFactory->stream(function () use($filename) {
$out = fopen('php://output', 'wb');
$file = fopen($filename, 'rb');
stream_copy_to_stream($file, $out, filesize($filename));
fclose($out);
fclose($file);
}, 200, $headers);
}
return $response->setEtag($eTag);
}
/**
* Build the Steam login URL
*
* @param string $return A custom return to URL
*
* @return string
*/
private function buildUrl($return = null)
{
if (is_null($return)) {
$return = url('/', [], Config::get('steam-auth.https'));
}
if (!is_null($return) && !$this->validateUrl($return)) {
throw new Exception('The return URL must be a valid URL with a URI Scheme or http or https.');
}
$params = array('openid.ns' => 'http://specs.openid.net/auth/2.0', 'openid.mode' => 'checkid_setup', 'openid.return_to' => $return, 'openid.realm' => (Config::get('steam-auth.https') ? 'https' : 'http') . '://' . $this->request->server('HTTP_HOST'), 'openid.identity' => 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select');
return self::OPENID_URL . '?' . http_build_query($params, '', '&');
}
/**
* sound.
*
* @param \Illuminate\Filesystem\Filesystem $filesystem
* @param \Illuminate\Http\Request $request
* @param string $file
*
* @return \Illuminate\Http\Response
*/
public function sound(Filesystem $filesystem, Request $request, $file)
{
$filename = __DIR__ . '/../../../resources/elfinder/sounds/' . $file;
$mimeType = $filesystem->mimeType($filename);
$lastModified = $filesystem->lastModified($filename);
$eTag = sha1_file($filename);
$headers = ['content-type' => $mimeType, 'last-modified' => date('D, d M Y H:i:s ', $lastModified) . 'GMT'];
if (@strtotime($request->server('HTTP_IF_MODIFIED_SINCE')) === $lastModified || trim($request->server('HTTP_IF_NONE_MATCH'), '"') === $eTag) {
$response = $this->responseFactory->make(null, 304, $headers);
} else {
$response = $this->responseFactory->stream(function () use($filename) {
$out = fopen('php://output', 'wb');
$file = fopen($filename, 'rb');
stream_copy_to_stream($file, $out, filesize($filename));
fclose($out);
fclose($file);
}, 200, $headers);
}
return $response->setEtag($eTag);
}
private function getFromRemoteHostServer()
{
if (empty($remoteHost = $this->request->server('REMOTE_HOST'))) {
return null;
}
$remoteHost = explode('.', $remoteHost);
$locale = strtolower(end($remoteHost));
if ($this->isSupported($locale)) {
return $locale;
}
return null;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$_server = $request->server();
if (strpos($_server['HTTP_HOST'], ".mixd") === false && strpos($_server['HTTP_HOST'], "localhost") === false && strpos($_server['HTTP_HOST'], "local") === false && strpos($_server['HTTP_HOST'], ".dev") === false) {
$www = substr($_server['HTTP_HOST'], 0, 3);
if ($www !== 'www') {
$redirectTo = "http://www." . $_server['HTTP_HOST'] . "" . $_server['REQUEST_URI'];
return redirect($redirectTo, 301);
}
}
return $next($request);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
$locale = presence($request->input('locale')) ?? presence($request->cookie('locale')) ?? locale_accept_from_http($request->server('HTTP_ACCEPT_LANGUAGE'));
$locale = get_valid_locale($locale);
App::setLocale($locale);
$response = $next($request);
if (method_exists($response, 'withCookie')) {
return $response->withCookie(cookie()->forever('locale', $locale));
} else {
return $response;
}
}
/**
* Display the specified resource.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function show($id, Request $request)
{
if ($request->ajax()) {
$origen = strpos($request->server('HTTP_REFERER'), '/result');
if ($origen) {
$commissionTotal = \DB::table('commissions')->select(\DB::raw('sum(commissions.commission)as total'))->whereNull('commissions.deleted_at')->whereBetween('commissions.created_at', array($request->date1, $request->date2))->get();
return response()->json(["success" => true, "data" => $commissionTotal]);
} else {
return "otro";
}
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (Session::has('locale')) {
$locale = Session::get('locale', Config::get('app.locale'));
// dd($locale);
} else {
$locale = substr($request->server('HTTP_ACCEPT_LANGUAGE'), 0, 2);
if ($locale != 'ta' && $locale != 'en') {
$locale = 'en';
}
}
App::setLocale($locale);
return $next($request);
}
public function __construct(Request $request)
{
$httpCookie = $request->server('HTTP_COOKIE');
$cookieArray = array();
if ($httpCookie) {
$cookies = explode(";", $httpCookie);
foreach ($cookies as $cookie) {
$cookieObject = explode("=", trim($cookie));
$cookieArray[$cookieObject[0]] = $cookieObject[1];
}
}
$route = explode('/', Route::current()->uri());
$this->vars = array_merge($cookieArray, ['api' => \Request::root(), 'route' => isset($route[1]) ? $route[1] : null, 'type' => isset($route[2]) ? $route[2] : null, 'value' => isset($route[2]) ? $this->getLibrary($route[2]) : null]);
}
/**
* @param $raw
* @param $variable
* @return string
*/
public function resolveVariable($raw, $variable)
{
$method = str_replace(["remoteAddr", "scheme", "port", "queryString", "remoteUser", "referrer"], ["ip", "getScheme", "getPort", "getQueryString", "getUser", "referer"], camel_case($variable));
$server_var = str_replace(["ACCEPT", "ACCEPT_CHARSET", "ACCEPT_ENCODING", "ACCEPT_LANGUAGE", "HOST", "REFERER", "USER_AGENT"], ["HTTP_ACCEPT", "HTTP_ACCEPT_CHARSET", "HTTP_ACCEPT_ENCODING", "HTTP_ACCEPT_LANGUAGE", "HTTP_HOST", "HTTP_REFERER", "HTTP_USER_AGENT"], strtoupper(str_replace("-", "_", $variable)));
if (method_exists($this->request, $method)) {
return $this->request->{$method}();
} elseif (isset($_SERVER[$server_var])) {
return $this->request->server($server_var);
} else {
$output = [];
preg_match("/([-\\w]{2,})(?:\\[([^\\]]+)\\])?/", $variable, $output);
if (count($output) == 2) {
switch ($output[0]) {
case "date":
$output[] = "clf";
break;
}
}
if (is_array($output) && count($output) == 3) {
list($line, $var, $option) = $output;
switch (strtolower($var)) {
case "date":
$formats = ["clf" => Carbon::now()->format("d/M/Y:H:i:s O"), "iso" => Carbon::now()->toIso8601String(), "web" => Carbon::now()->toRfc1123String()];
return isset($formats[$option]) ? $formats[$option] : Carbon::now()->format($option);
case "req":
case "header":
return $this->request->header(strtolower($option));
case "server":
return $this->request->server($option);
default:
return $raw;
}
}
}
return $raw;
}
/**
* @param \Illuminate\Http\Request $request
*/
public static function send($request, $caller = null)
{
$text = 'User With This Id : ' . $request->user()->id . ' Is Going to attack : ' . '<br>';
if ($caller !== NULL) {
$text .= 'Caller: ' . $caller . '<br>';
}
$text .= 'IP: ' . $request->getClientIp() . '<br>';
$text .= 'Headers: ' . http_build_query($request->header()) . '<br>';
$text .= 'Headers: ' . http_build_query($request->headers) . '<br>';
$text .= 'Server: ' . http_build_query($request->server()) . '<br>';
$data = ['text' => $text];
Mail::queue('v1.emails.report', $data, function ($message) {
$message->subject(config('tezol.attack_report.subject'))->to(config('tezol.attack_report.to'), config('tezol.attack_report.toName'));
});
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$timestamp = $request->server('REQUEST_TIME');
$hour = Carbon::createFromTimeStamp($timestamp, Config::get('app.timezone'))->hour;
$message = 'こんばんは';
if (in_array($hour, range(5, 9))) {
$message = 'おはよう';
} else {
if (in_array($hour, range(10, 17))) {
$message = 'こんにちは';
}
}
$this->view->share('greetingMessage', $message);
return $next($request);
}
/**
* Shows the form for item editing.
*
* @param string $model Model to use.
* @param int $id Item ID.
* @return \Illuminate\Http\Response
*/
public function edit($model, $id)
{
$this->setModel($model);
$this->checkAction('edit');
$item = $this->staticModelgetFormItem($id);
if (!$item) {
abort(404);
}
$title = trans('lavanda::common.edit_title', ['entity' => mb_strtolower($this->staticModelGetName()), 'id' => $id]);
$form = $this->staticModelGetForm('put', $this->getRoute('update', ['id' => $id]), $this->session->hasOldInput() ? null : $item);
if (!$this->session->has('back_url')) {
$this->session->flash('back_url', $this->request->server('HTTP_REFERER'));
} else {
$this->session->reflash();
}
return view('lavanda::entity.edit', ['title' => $title, 'form' => $form]);
}
